The speed and bandwidth of 5G means that as the roll out continues a lot of industrial automation equipment will eventually be on the 5G network.

So what can be done to protect the integrity and availability of manufacturing networks and other critical infrastructure? We spoke to Dave Weinstein, CSO of Claroty to discuss the link between 5G and the cyber security of critical infrastructure.

Continue reading →

As businesses move into the cloud and expand their use of IoT devices, protecting their systems becomes much more complex.

To address this problem Cisco is launching a new integrated cloud-native security platform, Cisco SecureX, aimed at improving visibility, identifying unknown threats, and automating workflows to strengthen customers’ security across network, endpoint, cloud, and applications.

Continue reading →

One of the biggest things an organization can do to stay afloat and thriving in our current competitive landscape is to be readily adaptable to change. In contrast, one of the biggest mistakes I often see organizations make is not having a strong enough grasp on their IT infrastructure to do so.

This means that when a problem arises, decision makers will often act out of instinct and make changes that then create further problems or cause unexpected side effects. Once you can quickly and properly survey the technological and/or organizational landscape you’re working with, being adaptable to change can be almost effortless. Below are a few tactics to help you remain adaptable to change and avoid potential catastrophe in the face of an uncertain market.

Continue reading →

As more services move to the cloud, enterprises are exposed to increased risks from data breaches, and around 40 percent of organizations have suffered from Office 365 account takeovers.

According to Microsoft's Q3 2019 earnings call, there are more than 180 million monthly users on Office 365, which means there's a big attack surface out there for cybercriminals. That's why threat detection and response specialist Vectra AI has announced a new tool to help businesses protect themselves.

Continue reading →

IBM and Red Hat have revealed the latest fruit of their tie-up with the announcement of general availability of Red Hat OpenShift on IBM Z and LinuxONE systems.

Red Hat is already a leader in hybrid cloud and enterprise Kubernetes, with more than 1,000 customers already using the OpenShift platform to manage containers.

Continue reading →

Digital transformation is a prime objective for many businesses, with 93 percent of enterprises undergoing some kind of project according to a new report.

The survey conducted by Hanover Research and commissioned by digital platform company AHEAD shows these efforts are driven primarily by a desire to cut costs (77 percent) and improve customer experience (71 percent).

Continue reading →

Half of respondents to a new survey report that they have experienced a breach because one or more of their security tools wasn't working as expected.

The Security Operations Effectiveness survey from Keysight Technologies  questioned over 300 individuals involved in enterprise security solutions and found that only just over half (57 percent) of security professionals are confident their current security solutions are working as intended.

Continue reading →

Enterprises are moving more of their workloads to the cloud in order to enhance their agility and responsiveness. But in the rush to develop new applications security can sometimes take a back seat.

Today Tufin is launching SecureCloud, a security policy automation service for enterprises that need to gain visibility and control over the security posture of their cloud-native and hybrid cloud environments.

Continue reading →

Most people who keep relatively up to date on security lingo easily understand the concepts of the basics, such as "compliance," "edge security," and "incident response." But when you bring penetration testing into the conversation, you lose half your audience. A much smaller percentage of the population knows what it is, and even fewer understand how it is done or the significant value it adds to the security tool chest.

While some enterprises may contract a third party to conduct penetration testing because it is required for a variety of reasons (part of an industry framework such as PCI-DSS or FedRAMP, or a prospective customer demands it), many don’t understand the techniques involved or are surprised by the depth of the activity. The client may not actively engage in the "scoping" calls to review and set parameters around what will be done and then are surprised by the more rigorous techniques involved, especially if those techniques unsuspectingly bring down client systems temporarily. The testers themselves, shrouded in misperceptions, may evoke images of donning hoodies and barely skimming the line between criminality and service. Recent news of penetration testers being whisked off to jail during a client assignment in Iowa hasn’t helped. It’s time to set the record straight.

Continue reading →

Despite recent legislation placing greater emphasis on privacy and data protection, a new study of data sanitization policies reveals that in many cases there’s a gap between policy and execution.

The study of more than 1,800 senior business leaders by Blancco Technology Group reveals that although 96 percent have a sanitization policy in place, 31 percent have yet to communicate it across the business and 20 percent don't believe their organization's policies are finished being defined.

Continue reading →

Many organizations lack the resources to effectively implement 24x7 security operations on their own, and while automation solutions can help, they typically require extensive expertise to implement and manage.

Security automation specialist LogicHub is launching a new automation driven Managed Detection and Response solution called MDR+ to help address this issue.

Continue reading →

Just 17 percent of organizations worldwide are considered 'leaders' in cyber resilience, meaning under a fifth are effectively stopping cyberattacks and finding and fixing breaches fast enough to lower the impact, according to a new report from Accenture.

Based on a survey of more than 4,600 enterprise security practitioners, Accenture's report looks at how businesses prioritize security, the effectiveness of their current security efforts, and the impact of new security-related investments.

Continue reading →

Businesses are collecting more data than ever, but ensuring that employees have easy and reliable access to information they need for their jobs can prove difficult.

Now though Kloud.io has raised $4 million in seed funding for its spreadsheet-based application that enables financial analysts to directly access data from multiple sources, such as Salesforce, Oracle, Netsuite, and hundreds more.

Continue reading →

Modern businesses have large numbers of documents, many of which contain information that is commercially sensitive. But poor file management, incorrect permissions and uncontrolled sharing can put that information at risk.

The unstructured nature of this data makes it notoriously difficult to keep track of. Now though California-based Concentric is launching a new solution to allow enterprises to identify and protect these documents.

Continue reading →

With attackers often targeting individuals and their credentials to gain unauthorized access to accounts, people are increasingly at the center of security.

This is one of the conclusions of a new report from identity solutions provider Okta which finds that when deploying security tools a third of businesses start with a tool focused on protecting their people, as opposed to devices, infrastructure, and networks.

Continue reading →